    def setEPassport(self, ep):
        """Collect the files of ``ep`` that will be written, without DG15 and COM.

        ``ep`` is walked as a mapping from file tag to file content (``ep[x]``).
        Every entry whose tag is neither DG15 nor the Common (COM) file is
        copied into ``self._forged``; a new COM file describing that reduced
        set is then appended, so the resulting presence map no longer lists
        DG15.
        """
        skip_tags = (converter.toTAG("DG15"), converter.toTAG("Common"))
        self._forged = [ep[tag] for tag in ep if tag not in skip_tags]

        #Forge a Common file without DG15
        self._forged.append(ComCreation().create(self._forged))
    def setEPassport(self, ep):
        """Collect the files of ``ep`` that will be written, without DG15 and COM.

        Iterates ``ep`` as a tag -> content mapping, keeps every file except
        DG15 and the Common (COM) file in ``self._forged``, and finishes by
        appending a freshly created COM that describes the kept files only.
        """
        excluded = (converter.toTAG("DG15"), converter.toTAG("Common"))
        self._forged = []
        for tag in ep:
            if tag in excluded:
                continue
            self._forged.append(ep[tag])

        #Forge a Common file without DG15
        self._forged.append(ComCreation().create(self._forged))
    def _readHeader(self, dg):
        """Read and check the 4-byte file header of data group ``dg``.

        The first header byte is the file tag; ``asn1Length`` decodes the
        ASN.1 length that follows it, yielding ``self._bodySize`` and
        (presumably) the number of length bytes, which replaces ``self.offset``.
        ``self.offset`` is then advanced by one for the tag byte so that it
        points at the first body byte.

        @param dg: name or tag of the expected data group (passed to converter.toTAG)
        @return: the header bytes up to the body, i.e. ``header[:self.offset]``
        @raise Exception: if the tag byte read from the card differs from the
            tag expected for ``dg``

        NOTE(review): both the tag and the body length come from the card;
        ``_bodySize`` is stored here without an upper bound, so whatever reads
        the body afterwards should cap it against a sane maximum.
        """
        header = self._iso7816.readBinary(self.offset, 4)
        (self._bodySize, self.offset) = asn1Length(header[1:])
        # account for the tag byte in front of the length field
        self.offset += 1
        self.log("Body Size: " + str(self._bodySize) + " Offset " + str(self.offset))

        expected_tag = converter.toTAG(dg)
        actual_tag = binToHexRep(header[0])
        if expected_tag != actual_tag:
            raise Exception("Wrong AID: " + actual_tag + " instead of " + expected_tag)

        return header[:self.offset]
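    def __getitem__(self, tag):
        """
        Return the DataGroup object for ``tag``, reading it from the chip if needed.

        @param tag: A Valid tag representing a dataGroup
        @type tag: A string
        @return: The datagroup object representing this dataGroup

        @raise DataGroupException: If the tag is not linked to any dataGroup, or if an error occurs during the parsing
        @raise APDUException: If an error occurs during the APDU transmit.

        Try to read the DataGroup specified by the parameter 'tag'.
        If the DG is already read, the DG is directly returned,
        else the DG is read then returned.

        If there is a Security status not satisfied error (SW 6982),
        the mutual authentication (BAC) is run and the read is retried once.
        If the retry fails again, the chip's error is propagated unchanged:
        there surely is an error in the MRZ field value.
        When secure messaging is already active, a 6982 means the session is
        unusable: the connection is reset and the error is re-raised.

        Any other error is logged with its traceback and re-raised (the
        previous version swallowed it and returned None from __getitem__).

        Please refer to ICAO Doc9303 Part 1 Volume 2, p III-28 for the complete
        DataGroup <-> Tag correspondence
        or have a look to the pypassport.datagroup.converter.py file
        """
        self.log("getitem " + tag)
        tag = converter.toTAG(tag)
        self.log("getitem converted " + tag)
        if tag in self:
            # Already read: return the cached DataGroup object.
            return super(EPassport, self).__getitem__(tag)

        try:
            return self._getDG(tag)
        except iso7816.Iso7816Exception as exc:
            # exc[1]/exc[2] are presumably SW1/SW2: 105 == 0x69, 130 == 0x82,
            # "Security status not satisfied". Relies on Iso7816Exception
            # being indexable -- TODO confirm for this project's exception class.
            if exc[1] == 105 and exc[2] == 130:
                # TODO support multiple levels of secure messaging
                if self.isSecureMessaging:
                    self.log(
                        "Security status not satisfied, while secure messaging. Will reset connection"
                    )
                    self.reset()
                    raise  # bare raise keeps the original traceback
                self.log("Enabling Secure Messaging")
                self.doBasicAccessControl()
                return self._getDG(tag)
            raise datagroup.DataGroupException(str(exc))
        except KeyError:
            raise datagroup.DataGroupException("The data group '" +
                                               str(tag) +
                                               "' does not exist")
        except Exception as msg:
            # Log for diagnosis, then propagate instead of silently
            # returning None to the caller.
            self.log(msg)
            traceback.print_exc()
            raise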
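    def getPubKey(self, bac_cp, mrz_value):
        """
        Run BAC with ``bac_cp`` and read DG15, returning its body (the public key).

        It uses method from pypassport.doc9303.bac in order to authenticate and establish the session keys

        @param bac_cp: A BAC for the authentication and establishment of session keys
        @type bac_cp: A pypassport.doc9303.bac.BAC() object
        @param mrz_value: A MRZ
        @type mrz_value: String value ("PPPPPPPPPPcCCCYYMMDDcSYYMMDDc<<<<<<<<<<<<<<cd")

        @return: The public key (DG15)

        Side effects: the ISO 7816 connection is reset and its ciphering is
        replaced by a fresh SecureMessaging object built from the BAC session
        keys. ``mrz_pass.checkMRZ()`` is expected to raise on a bad MRZ.

        The BAC session keys (KSenc, KSmac) and the send sequence counter are
        secrets for the rest of the session and are deliberately not written
        to the log; the earlier version logged all three in hex.
        """
        self.log("Reset connection")
        self._iso7816.rstConnection()

        self.log("Generate the MRZ object")
        mrz_pass = mrz.MRZ(mrz_value)
        self.log("Check the MRZ")
        mrz_pass.checkMRZ()

        self.log("Authentication and establishment of session keys")
        (KSenc, KSmac, ssc) = bac_cp.authenticationAndEstablishmentOfSessionKeys(mrz_pass)
        # Key material is intentionally kept out of the log.
        self.log("Session keys established (values not logged)")
        sm = SecureMessaging(KSenc, KSmac, ssc)
        self._iso7816.setCiphering(sm)

        dgReader = datagroup.DataGroupReaderFactory().create(self._iso7816)

        tag = converter.toTAG("DG15")
        dgFile = dgReader.readDG(tag)
        self.log("Get public key")
        dg15 = datagroup.DataGroupFactory().create(dgFile)
        # The public key itself is not secret, so logging it is fine.
        self.log("Public key: {0}".format(binToHexRep(dg15.body)))
        return dg15.body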
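    def _readHeader(self, dg):
        """Read and check the 4-byte file header of data group ``dg``.

        The first header byte is the file tag; ``asn1Length`` decodes the
        ASN.1 length following it and yields ``self._bodySize`` plus
        (presumably) the number of length bytes, which replaces
        ``self.offset``. One more byte is then added for the tag so that
        ``self.offset`` points at the first body byte.

        @param dg: name or tag of the expected data group (passed to converter.toTAG)
        @return: the header bytes up to the body, i.e. ``header[:self.offset]``
        @raise Exception: if the tag byte read from the card differs from the
            tag expected for ``dg``

        Changes from the previous version: the Python 2-only
        ``raise Exception, "..."`` form is replaced by the call form, which
        is valid on both Python 2 and 3, and the error message reports the
        tag expected for ``dg`` rather than ``self.file.tag``, which need not
        be the tag that was requested.

        NOTE(review): tag and body length both come from the card and
        ``_bodySize`` is stored without an upper bound; the body reader should
        cap it.
        """
        header = self._iso7816.readBinary(self.offset, 4)
        (self._bodySize, self.offset) = asn1Length(header[1:])
        # account for the tag byte in front of the length field
        self.offset += 1

        expected_tag = converter.toTAG(dg)
        actual_tag = binToHexRep(header[0])
        if expected_tag != actual_tag:
            raise Exception("Wrong AID: " + actual_tag + " instead of " + expected_tag)

        return header[:self.offset]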
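    def __getitem__(self, tag):
        """
        Return the DataGroup object for ``tag``, reading it from the chip if needed.

        @param tag: A Valid tag representing a dataGroup
        @type tag: A string
        @return: The datagroup object representing this dataGroup

        @raise DataGroupException: If the tag is not linked to any dataGroup, or if an error occurs during the parsing
        @raise APDUException: If an error occurs during the APDU transmit.

        Try to read the DataGroup specified by the parameter 'tag'.
        If the DG is already read, the DG is directly returned,
        else the DG is read then returned

        If there is a Security status not satisfied error (SW 6982),
        the mutual authentication (BAC) is run and the read is retried once.
        If the retry fails again the chip's error is propagated unchanged:
        there surely is an error in the MRZ field value

        Changes from the previous version: an already-read DG is now actually
        returned (the old code had no branch for that case and fell through
        to None), and the Python 2-only ``except X, exc`` / ``has_key`` forms
        are replaced by ``except X as exc`` / ``in``, valid on Python 2.6+ and 3.

        Please refer to ICAO Doc9303 Part 1 Volume 2, p III-28 for the complete
        DataGroup <-> Tag correspondence
        or have a look to the pypassport.datagroup.converter.py file
        """
        tag = converter.toTAG(tag)
        if tag in self:
            # Already read: hand back the cached DataGroup. The class is used
            # as a dict subclass (it called has_key), so go through dict.
            return dict.__getitem__(self, tag)

        try:
            return self._getDG(tag)
        except iso7816.Iso7816Exception as exc:
            # exc[1]/exc[2] are presumably SW1/SW2: 105 == 0x69, 130 == 0x82,
            # "Security status not satisfied" -> BAC has not been run yet.
            # Indexing the exception needs Iso7816Exception to support it on
            # Python 3 -- TODO confirm.
            if exc[1] == 105 and exc[2] == 130:
                self.log("Enabling Secure Messaging")
                self.doBasicAccessControl()
                return self._getDG(tag)
            raise datagroup.DataGroupException(str(exc))
        except KeyError:
            raise datagroup.DataGroupException("The data group '" +
                                               str(tag) +
                                               "' does not exist")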
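    def __getitem__(self, tag):
        """
        Return the DataGroup object for ``tag``, reading it from the chip if needed.

        @param tag: A Valid tag representing a dataGroup
        @type tag: A string
        @return: The datagroup object representing this dataGroup

        @raise DataGroupException: If the tag is not linked to any dataGroup, or if an error occurs during the parsing
        @raise APDUException: If an error occurs during the APDU transmit.

        Try to read the DataGroup specified by the parameter 'tag'.
        If the DG is already read, the DG is directly returned,
        else the DG is read then returned

        If there is a Security status not satisfied error (SW 6982),
        the mutual authentication (BAC) is run and the read is retried once.
        If the retry fails again the chip's error is propagated unchanged:
        there surely is an error in the MRZ field value

        Changes from the previous version: the cached case now returns the
        stored DG instead of falling through to None, and the Python 2-only
        ``except X, exc`` / ``has_key`` forms are replaced by
        ``except X as exc`` / ``in`` (valid on Python 2.6+ and 3).

        Please refer to ICAO Doc9303 Part 1 Volume 2, p III-28 for the complete
        DataGroup <-> Tag correspondence
        or have a look to the pypassport.datagroup.converter.py file
        """
        tag = converter.toTAG(tag)
        if tag in self:
            # Cached: the class is used as a dict subclass (it called
            # has_key), so the stored DG is fetched through dict.
            return dict.__getitem__(self, tag)

        try:
            return self._getDG(tag)
        except iso7816.Iso7816Exception as exc:
            # 105 == 0x69, 130 == 0x82 -> "Security status not satisfied";
            # exc[1]/exc[2] are presumably SW1/SW2 (indexing the exception
            # needs support from Iso7816Exception on Python 3 -- TODO confirm).
            security_status_not_satisfied = exc[1] == 105 and exc[2] == 130
            if not security_status_not_satisfied:
                raise datagroup.DataGroupException(str(exc))
            self.log("Enabling Secure Messaging")
            self.doBasicAccessControl()
            return self._getDG(tag)
        except KeyError:
            raise datagroup.DataGroupException("The data group '" + str(tag) + "' does not exist")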
 def _setHeader(self, value):
     """Store the raw file header; when non-empty, derive the file tag from its first byte.

     ``value`` is kept verbatim in ``self.__header``. Unless it is the empty
     string, ``self.__tag`` is set to the tag that ``converter.toTAG``
     resolves for the hex representation of ``value[0]``.
     """
     self.__header = value
     if value == "":
         return
     self.__tag = converter.toTAG(binToHexRep(value[0]))
 def __init__(self):
     """Prepare an empty DG2 (face image) data-group file to be filled in."""
     dg2_tag = converter.toTAG("DG2")
     self._dgc = DataGroupFileCreation(dg2_tag)
 def __init__(self):
     """Prepare the SecurityData (SOD) file creator and its signing helpers.

     ``_hashAlgo`` defaults to "sha1" (presumably the digest used for the
     data-group hashes). SHA-1 is deprecated for signature use; this default
     is kept only because existing callers may rely on it.
     """
     sod_tag = converter.toTAG("SecurityData")
     self._dgc = DataGroupFileCreation(sod_tag)
     self._hashAlgo = "sha1"
     self._openssl = OpenSSL()
 def __init__(self):
     """Create the underlying file builder for DG2 (face image)."""
     self._dgc = DataGroupFileCreation(
         converter.toTAG("DG2"),
     )
 def __init__(self):
     """Create the SecurityData (SOD) file builder with its default digest and OpenSSL wrapper.

     The default digest "sha1" is presumably what the data-group hashes are
     computed with; SHA-1 is deprecated for signatures, so callers that can
     choose should prefer a SHA-2 digest.
     """
     tag_name = "SecurityData"
     self._dgc = DataGroupFileCreation(converter.toTAG(tag_name))
     self._hashAlgo = "sha1"
     self._openssl = OpenSSL()
def generate(   firstname,
                surname,
                sex,
                dob,
                nationality,
                id_doc,
                doe,
                issuer,
                face_path,
                country,
                organisation,
                pob,
                middle_name,
                issuing_auth,
                doi,
                height,
                eyes,
                address,
                update = True,
                cap_path = None):
    """Build a complete test ePassport file set and write it to a JavaCard.

    Steps, in order: fill defaults for blank fields; create a throw-away
    CSCA and Document Signer; create DG1 and DG2 (mandatory) and DG11/DG12/
    DG13 (only when the matching optional fields are non-empty); create the
    COM presence map and the SOD signed with the DS key; then write every
    file to the card returned by ``readerAbstract.waitForCard()``.

    ``dob``, ``doe`` and ``doi`` are "YYYY/MM/DD" strings; the literal
    placeholder "YYYY/MM/DD" selects the default. The components are only
    passed through ``int()``, so a malformed date raises ValueError (or
    IndexError when a separator is missing). Blank strings select the
    defaults listed at the top of the body.

    @param update: when False, the applet at ``cap_path`` is installed on the
        card before writing (see NOTE below)
    @param cap_path: CAP file handed to ``jc.install`` when ``update`` is False;
        defaults to None, so callers passing update=False must supply it
    @return: None; the result is the state of the card

    NOTE(review): ``reader_nb``, used for ``jcop.GPlatform`` when ``update``
    is False, is neither a parameter nor assigned in this function; unless it
    is a module global, that branch raises NameError.
    """


    # Blank fields fall back to fixed test values; doe defaults to today.
    if firstname == "": firstname = "John"
    if surname == "": surname = "Doe"
    if sex == "": sex = "M"
    if dob == "YYYY/MM/DD": dob = "1970/01/01"
    if nationality == "": nationality = "BEL"
    if id_doc == "": id_doc = "EH123456"
    if doe == "YYYY/MM/DD": doe = datetime.date.today().strftime("%Y/%m/%d")
    if issuer == "": issuer = "BEL"
    if face_path == "": face_path = "epassportviewer/ressources/face.jpg"
    if country == "": country = "BEL"
    if organisation == "": organisation = "UCL"
    if doi == "YYYY/MM/DD": doi = None


    # "YYYY/MM/DD" -> datetime.date; no validation beyond int().
    date_cmp = doe.split("/")
    doe = datetime.date(int(date_cmp[0]), int(date_cmp[1]), int(date_cmp[2]))

    date_cmp = dob.split("/")
    dob = datetime.date(int(date_cmp[0]), int(date_cmp[1]), int(date_cmp[2]))


    ###################
    #       CA        #
    ###################

    # Create a fake Country Signer Certification Authority
    # (only the first two characters of ``country`` are used as the C= field)
    CSCA = pki.DistinguishedName(C=country[:2], O=organisation, CN="CSCA")

    # Create a fake Document Signer bond to CSCA
    DS = pki.DistinguishedName(C=country[:2], O=organisation, CN="Document-Signer")

    # The two numeric arguments are presumably key size in bits and validity
    # in days -- confirm against pki.CA. Test material only; not a real PKI.
    ca = pki.CA()
    (csca, cscaKey) = ca.createCSCA(1024, 720, CSCA)
    (ds, dsKey) = ca.createDS(1024, 365, DS)


    ###################
    #    DATAGROUP    #
    ###################



    # Create DataGroup 1 (MRZ) [mandatory]
    # MRZ dates are YYMMDD, hence the "%d%m%y" formatting.
    dg1 = datagroupcreation.DataGroup1Creation().create("P", issuer, surname, firstname, nationality, sex, id_doc, dob.strftime("%d%m%y"), doe.strftime("%d%m%y"))

    # Create DataGroup 2 (Face) [Mandatory]
    dg2 = datagroupcreation.DataGroup2Creation().create(face_path)

    dgs = [dg1, dg2]

    # Create DataGroup 11 (Additional document holder information) [Optional]
    if pob or middle_name:
        dgc = datagroupcreation.DataGroupFileCreation(converter.toTAG("DG11"))
        content = ""

        # Full name
        # Note: no '<' separator is inserted between firstname and middle_name,
        # and "5F02" is never added to ``content``.
        if middle_name:
            middle_name = middle_name.replace(' ', '<')
            full_name = surname.upper() + "<<" + firstname.upper() + middle_name.upper()
            dgc.addDataObject("5F02", full_name)

        # Place of birth
        if pob:
            pob = pob.replace(' ', '<')
            dgc.addDataObject("5F11", pob)
            content += "5F11"

        # NOTE(review): ``content`` is accumulated above but unused here -- the
        # "5C" tag list is built from the literal "5F11", so it lists 5F11
        # even when ``pob`` is empty and never lists 5F02. DG12/DG13 below use
        # ``content``.
        dgc.addDataObject("5C", hexfunctions.hexRepToBin("5F11"))

        dg11 = datagroup.DataGroupFactory().create(dgc)
        dgs.append(dg11)

    # Create DataGroup 12 (Additional document information) [Optional]
    if issuing_auth or doi:
        dgc = datagroupcreation.DataGroupFileCreation(converter.toTAG("DG12"))
        content = ""

        # Issuing authority
        if issuing_auth:
            dgc.addDataObject("5F19", issuing_auth)
            content += "5F19"
        # Date of issue
        # (doi is still a "YYYY/MM/DD" string here; it is parsed only now)
        if doi:
            date_cmp = doi.split("/")
            doi = datetime.date(int(date_cmp[0]), int(date_cmp[1]), int(date_cmp[2]))

            dgc.addDataObject("5F26", doi.strftime("%Y%m%d"))
            content += "5F26"

        # "5C" = list of the tags actually present in this DG
        dgc.addDataObject("5C", hexfunctions.hexRepToBin(content))

        dg12 = datagroup.DataGroupFactory().create(dgc)
        dgs.append(dg12)

    # Create DataGroup 13 (Reserved for national specific data) [Optional]
    if height or eyes or address:
        # leftover debug output (Python 2 print statement)
        print "DG13"
        dgc = datagroupcreation.DataGroupFileCreation(converter.toTAG("DG13"))

        content = ""

        # Height
        if height:
            dgc.addDataObject("9F01", height)
            content += "9F01"
        # Eyes
        if eyes:
            dgc.addDataObject("9F02", eyes)
            content += "9F02"
        # Address
        if address:
            dgc.addDataObject("9F03", address)
            content += "9F03"

        # "5C" = list of the tags actually present in this DG
        dgc.addDataObject("5C", hexfunctions.hexRepToBin(content))

        dg13 = datagroup.DataGroupFactory().create(dgc)
        dgs.append(dg13)




    # Create presence map [mandatory]
    # (built from the data groups only; COM and SOD themselves are appended after)
    com = datagroupcreation.ComCreation().create(dgs)
    # Create a signer data strcture [mandatory]
    sod = datagroupcreation.SODCreation().create(ds, dsKey, dgs)

    dgs.append(com)
    dgs.append(sod)


    ###################
    #      JCOP       #
    ###################

    # Initializing the GPlatform object with the reader #1
    # NOTE(review): ``reader_nb`` is not defined in this function (see docstring).
    if not update:
        jc = jcop.GPlatform(reader_nb)
        jc.install(cap_path)

    r = readerAbstract.waitForCard()
    jcw = jcop.JavaCardWritter(r)


    # Write the forged ePassport in the JCOP
    for dg in dgs:
        jcw.writeDG(dg)
    # presumably derives the card's BAC key seed from the MRZ in DG1 --
    # confirm in jcop.JavaCardWritter
    jcw.setKseed(dg1)
 def _setHeader(self, value):
     """Record the raw file header and, if it is non-empty, the tag of its first byte.

     ``self.__header`` always receives ``value``. ``self.__tag`` is only
     updated when ``value`` is not the empty string, from
     ``converter.toTAG(binToHexRep(value[0]))``.
     """
     self.__header = value
     header_present = value != ""
     if header_present:
         first_byte = value[0]
         self.__tag = converter.toTAG(binToHexRep(first_byte))